Internet Security for the Home User

In the last two articles, The Practical Mac has explored both the legal and the technical aspects of Internet and network security for businesses. Today, we take a look at the issue of security for the home user.

For home users, there are two primary threats to security: hackers and viruses. The only way to make a computer 100% secure against outside threats such as viruses and hackers is to unplug it from the network and telephone line and never load any programs on it from sources such as floppy disks, Zip drives, or CDs.

Although these actions would achieve 100% security, they would also pretty much defeat the purpose of having a computer. Fortunately, there are a few simple, almost painless, steps the home user can take to make their computer as safe from intrusion as it can possibly be.

Overview

The vast majority of viruses are written for the Windows platform. There are a couple of reasons for this. The explanation most cited is that "Windows users make up 90% of computer users, so virus programmers direct their efforts to the platform where they can have the most impact." While this is true to some extent, it ignores the second and arguably more important reason: Windows has more security flaws and is therefore an easier platform to hack.

Much the same argument can be made for thwarting would-be hackers. Windows has more security holes and is easier to compromise. Even if a Classic Mac OS system were compromised, few hackers would know what to do in order to wreak havoc. However, if an OS X system is compromised, the hacker would have access to BSD Unix, and many of them would know exactly what to do to hit the system where it hurt.

So what is my initial threshold recommendation? Don't run Windows if you don't have to. While this may seem simplistic, it can go a long way toward maintaining a secure and healthy computing environment. It may not be as difficult to achieve as you might believe.

For many years in the late 80s and early 90s, my primary computer was a Mac. Over the next several years my computing habits devolved to the point that I retired my last Mac to the closet in 1998 in favor of a Windows-only platform. After less than two years I came to realize exactly why I had never favored Windows before and bought another Mac.

I initially had the same fears about software compatibility that I often hear argued in opposition to the Mac. However, those fears were soon found to be groundless. Most major, mainstream applications have Mac versions. Those that don't generally have Mac equivalents. Today, my primary computer is an iBook 466.

I am currently in a state of transition between jmy current residence in Atlanta, GA, and my future residence in London, KY, about a 4-hour drive away. I have a small apartment in Kentucky and go home to Atlanta most weekends. When I am home on the weekends, I rarely even fire up my trusty (and significantly upgraded) Power Mac 7500.

I honestly can't remember the last time I even booted my Athlon 750, which runs Windows 2000. I built the Athlon system about 18 months ago with the anticipation that it would replace my Cyrix 233 system (the one which had replaced my last Mac). However, it was about this time that I re-entered the Mac world, and the Athlon never had a chance. I run Connectix' Virtual PC on my iBook in order to run a single Windows program for which there is no Mac equivalent. This is actually a Windows 3.1 program at that, and one that I can assure you is not in widespread use.

My Mac "homecoming" has been the most pleasant experience since I first discovered computers over 20 years ago!

Personal Firewall

I am often asked my friends and colleagues whether I think they should run a personal firewall program at home. My answer is always, "It depends."

If you are a home users who connects via dialup modem connection for routine email and Web surfing, the answer is, "Probably not." This sort of connection does not carry a high vulnerability risk. If you have a second phone line (or don't mind tieing up your primary phone line) and tend to stay connected for hours at a time, then the answer becomes, "Maybe."

The longer you are connected, regardless of the method of connection, the more your risk

When you are online, a hacker has to first find you and then explore your vulnerabilities before they can even begin to try to gain access to your computer. If you are connected only sporadically, for less than an hour at a time, this process is almost impossible. The longer you are connected, regardless of the method of connection, the more your risk of becoming a hacker target increases.

If you are connected via cable modem, DSL, or some other semi-permanent connection, then you probably do need a personal firewall. However, just because you have a full-time Internet connection does not mean that you automatically need a firewall. You can only be hacked when your computer is turned on, even if your connection is always on. If your computer is only on for an hour or so at a time while you are checking email and surfing the Web, for instance, then your risk is still low.

However, my advice is that it is always better to have something and not need it than to need it and not have it. This is especially true for firewalls. If you ever need one, the consequences of not having one can be tremendous. Without digressing from the focus of this article too much, let's just say that if you ever find yourself in this situation, you should have your Mac system restore CD handy, as it may very well be your only road to recovery.

There are a couple of good personal firewall products for Mac users: Symantec's Norton Personal Firewall for Macintosh and Intego's Net barrier. Symantec's product is currently fully Mac OS X compatible; Intego's product promises an OS X version in fourth quarter 2001, which is to say any day now. Both products give you basic firewall protection, and each has its additional strengths. Norton's features include:

• Protects TCP/IP and UDP connections
• Warns when AppleTalk is active and the computer is accessible over a cable modem or local area network
• Notifies you when access is attempted
• Logs all denied and allowed accesses
• Lets you allow or deny access by service, by port, or by address
• Includes built-in self-testing routines
• Can be updated automatically over the Internet with Symantec's LiveUpdate technology
• Features a "Learn More" button for easy access to security information on the Symantec web site
• Can be turned on and off from the Control Strip (except in OS X version).

The Net barrier product's features include:

• Protects and monitors all incoming and outgoing data
• A customized mode allows you to create your own defense rules, offering the most secure level of protection.
• Blocks all attempts to break into your Mac, detects wrong passwords and logs vandal attacks for complete protection
• An alarm to inform you of every intrusion attempt
• Analyzes data as it leaves your computer and prevents unauthorized exporting of private information such as credit card numbers, passwords, sensitive data and more
• Gives you control over cookies, blocking ad banners and blocking spam before you even download it
• Also helps cover your tracks, by refusing to give out certain personal information

Both products are easily updated over the Internet. Either product should provide more than adequate protection for the home user. One nice feature of the Norton Web site is the ability to run the "Symantec Security Check." This provides an online, real-time security check of your computer against known vulnerabilites. It takes only a couple of minutes to run and gives you a report of any problems it finds. I ran it on my iBook using my dialup connection and was happy to find that the program found no vulnerabilities. I highly recommend you check out this feature. This knowledge could help you decide whether you need to invest in a personal firewall product.

Anti-Virus Software

Unlike the personal firewall, there is no discussion necessary as to whether you need anti-virus protection. The answer, regardless of your situation, is, "Yes." Viruses are the single most common avenue of compromise in computers. They can be acquired by downloading files from the Internet, as attachments to email, or by loading an infected program from CD, floppy, or other removable storage medium. Viruses can range from simply bothersome to extremely destructive. Protection against them is a necessity.

My personal favorite on the Macintosh platrom is Symantec's Norton AntiVirus for Macintosh. It is easy to install and very easy to keep up to date through Internet downloads. However, this is merely my personal preference. Several other companies, such as Intego, Dr. Solomon, and Sophos also have excellent virus protection products for the Mac. All of the products do a great job of protecting your Mac from infection and all can be updated through the Internet.

Remember: Your antivirus product is only as good as the last time it was updated. You should check the website of your product manufacturer at least once a week for updates and immediately install any you find.

If you do not currently own antivirus software, you should purchase it without delay and always keep it up to date! Your Mac will thank you.